Welcome to Planet openSUSE

This is a feed aggregator that collects what openSUSE contributors are writing in their respective blogs.

To have your blog added to this aggregator, please read the instructions.

27 February, 2015


There’s a new build published today for the AMD FGLRX drivers.

It include the new patch made by Sebastian Siebert supporting Kernel 3.19x series you could have on 13.1, 13.2 and Tumbleweed openSUSE distribution.

The server just got the new rpms, so you should be able to update with zypper ref -f && zypper up

Have fun.

26 February, 2015


4:51 AM: I'm woken up by the sound of a loud chirp.  I roll over and pretend I didn't hear it.

4:52 AM: No luck, it's a smoke detector chirping from low battery.  Why can't this happen in the middle of the day?

I lay in bed for a while pretending that I can fall back asleep and ignore the chirp, I start thinking about the four Nest Protect systems I purchased and installed and how much I wish I had replaced all of my smoke alarms.  The only reason I hadn't replaced all of them is they are $99 each and I wanted to give them a test run before I completely replace them.

4:55 AM: I'm out of bed standing in the hallway at a strange angle hoping that on the next chirp I can determine which room has the chirping smoke alarm.  It's one of three because the hallway and one bedroom both have Nest Protect units in them and "they don't chirp!"

4:56 AM: The chirp comes from in front of me so it has to be the other bedroom.  I open the bedroom door, hear my teenage son stir and wonder how he can sleep through the chirping.  I open the battery compartment, yank out the battery, test it on my tongue (it seems strong) and then hear another chirp coming from behind me.

4:57 AM: I have opened every smoke detector on the floor and removed the battery because I simply want to get back to bed.  I will deal with this in the morning.

Then I heard another chirp.

How is that possible?  I don't have any more of these "old school" smoke detectors that chirp.  Is there something else in my house that makes a sound like that?

I stand very still and wait for it.


It's coming from the other bedroom.  The bedroom that has a Nest Protect in it.  I walk up to the door and crack it open trying not to wake my other son.  I look up at the Nest Protect unit on the ceiling and I'm stunned.  It chirps again.

Why am I stunned.  Let me quote from the Nest Protect website (italics added):

What is Nightly Promise?
Have you ever woken up in the middle of the night because your smoke alarm was chirping? Nest Protect has a better way: Nightly Promise. Each night when you turn out the lights you’ll get a quick green glow which means the batteries and sensors of Nest Protect are working. It also means no dreaded chirps at midnight so you can sleep safe and sound.
 I pull the unit down and disconnect the power and tell my son to go back to sleep.  I take it in my office and it chirps again.

Problem Reported in my Phone

I decide to look at my phone and see that the Nest app


This time of the year again. The monitoring was prodding us with "Your certificate will expire soon". When we fiddled with the tools to create the new CSR, we were wondering "Can we go 4K?". 4K is hip right now. 4K video. 4K TVs. So why not a 4K certificate? A quick check with the security team about the extra CPU load and checking our monitoring.

"Yes we can"

So with this refresh the certificate for all the SSL enabled services in Nuremberg is 4096 bits long. The setup is running with the new certificate for a few days already and so far we did not notice any problems. Next stop will be upgrading the SSL end points to a newer distribution so we get TLS 1.2 and our A grade back. Stay tuned for more news on this front.


Several scientific packages were added to main openSUSE repositories (Factory) in January 2015.

  • harminv (web page)
    Program (and accompanying library) to solve the problem of harmonic inversion — given a discrete-time, finite-length signal that consists of a sum of finitely-many sinusoids (possibly exponentially decaying) in a given bandwidth, it determines the frequencies, decay constants, amplitudes, and phases of those sinusoids.
  • libctl (web page)
    Guile-based library implementing flexible control files for scientific simulations.
  • meep (web page)
    Finite-difference time-domain (FDTD) simulation software package developed at MIT to model electromagnetic systems, along with our MPB eigenmode package.
  • elpa (web page)
    A new efficient distributed parallel direct eigenvalue solver for symmetric matrices. It contains both an improved one-step ScaLAPACK type solver (ELPA1) and the two-step solver ELPA2.
    ELPA uses the same matrix layout as ScaLAPACK. The actual parallel linear algebra routines are completely rewritten. ELPA1 implements the same linear algebra as traditional solutions (reduction to tridiagonal form by Householder transforms, divide & conquer solution, eigenvector backtransform). In ELPA2, the reduction to tridiagonal form and the corresponding backtransform are replaced by a two-step version, giving an additional significant performance improvement.

25 February, 2015

Michael Meeks: 2015-02-25 Wednesday

21:00 UTCmember

  • Up early, quick mail chew; set off for Cambridge; into the office to see Tracie; read a great report. Train on to Edinburgh, worked on budgets. Extraordinarily frustrating experience with intermittent connectivity and Evolution on the train for some hours.
  • Enjoyed some of the talks at the Open Source Awards, and a great meal mid-stream.
  • Extraordinarily honoured to recieve from Karen Sandler, on behalf of Collabora Productivity, the UK Open Source Awards 2015 - Best Organisation; gave a small acceptance spiel:
    • It is an honour: in a Cloud obsessed world to have a Commodity Client Software company represented. In a world obsessed by Tablets: to encourage Free Software that makes your PC/Mac keyboard really useful. Naturally, we do have a Tablet & phone version making good progress now (for the paper-haters).
    • LibreOffice 80+ million users: more than the UK's population. A brief correction - Collabora is only the 2nd largest contributor to the code - the 1st is volunteers in whose debt we all are. Everything we produce is Free Software.
    • Collabora - has a mission we believe in: To make Open Source rock (ono). We're betting our Productivity subsidiary on ODF and LibreOffice.
    • We're here to kill the old reasons not to deploy Free Software: with long term maintenance for three to five years; rich support options - backing our partner/resellers with a fast code-fix capability; and finally killing complaints - we can implement any feature, fix any bug, and integrate with any Line Of Business app for you.
    • In the productivity space - innovation is long overdue; Free Software can provide that. Thanks for coming & your support


It has been a while since we reported about YaST in this site. This post in Spanish from fellow openSUSE blogger Victorhck has inspired us to write about some exciting news that deserve to be shared with the whole openSUSE community. YaST has always been a completely free and open source project, but free and open source means way more than just having the code available in some server at Internet. You may know lowering the entry barrier to contribute to YaST has been one of the goals of the project.

The first big step was moving from YCP to a more popular, documented and widespread programming language like Ruby. The new Ruby-based codebase debuted in openSUSE 13.1, full of automatically converted code that looked "not so Ruby". Now, with the revamped installation workflow introduced in openSUSE 13.2 and after a whole release cycle of refining and polishing the YaST code and the development tools, the world of YaST development is a nicer place for newcomers.

So we have the code publicly available and written in a nice popular language, we have easy to install development tools, we have a public IRC channel and an open mailing list and we have a group of experienced developers willing to help anybody wanting to jump aboard. What is missing?

Tons of documentation!

The YaST team has put some effort in the last months gathering all the development documentation that was disperse and creating new one. The result is the new YaST development landing page. The page is packed with information useful to anyone willing to introduce himself in the world of YaST development and also acts as a central documentation hub, containing links to information hosted in Rubydoc.info, doc.opensuse.org or the openSUSE wiki. Among other things, the page includes a guide with the first steps for newcomers, a section with documentation targeted at developers and another one with descriptions of the processes and guidelines observed while developing YaST.

One of the sources of information linked from the YaST landing page is the brand new tutorial titled "Creating the YaST journalctl module". As the title suggests, the tutorial presents a very simple example of a YaST module developed from scratch in pure Ruby. The document is focused on the tools and the overall architecture trying to balance nicely theory and practice. All the example code and files used in the tutorial are available in a git repository that follows the learning time-line, with every tag corresponding to a step in the tutorial.

But this tutorial is not the only evidence of a flourishing Ruby future for YaST.

New modules

The last months have seen the born of several new YaST modules written in Ruby from scratch. The source code of all of them is available at Github and the modules themselves are all included and directly installable on openSUSE Tumbleweed, with the exception of the I/O Channels module, available only for SLE since it’s targeted at

Kohei Yoshida: Orcus 0.7.1 is out

00:56 UTCmember


After more than a year since the release of 0.7.0, I’m once again very happy to announce that the version 0.7.1 of the Orcus library is now available for download. You can download the package from the project’s download page.

This is a maintenance release. It primarily includes bug fixes and build fixes since the 0.7.0 release with no new features. That said, the most notable aspect of this release is that it is buildable with the version 0.9.0 of the Ixion library which was just released a week ago. So, if you are trying to package and distribute the newly-released Ixion library but are unable to do so because of Orcus not being buildable with it, you might be interested in this release.

The next major upgrade will be 0.9.0 whose development is on-going on the current master branch. Hopefully that release won’t be too far away.

24 February, 2015

Michael Meeks: 2015-02-24 Tuesday

21:00 UTCmember

  • Mail chew, built ESC stats; mail; lunch. Customer call. Reviewed the LibreOffice 4.4 feature set to write a LXF column, rather encouraged.
  • Booked train tickets to the great Open Source Awards tomorrow in Edinburgh.

The "Ceph Developer Summit" for the Infernalis release is on the way. The summit is planed for 03. and 04. March. The blueprint submission period started on 16. February and will end 27. February 2015. 

Do you miss something in Ceph or plan to develop some feature for the next release? It's your chance to submit a blueprint here.


Since the release of the 3.19 kernel in openSUSE Tumbleweed the vmnet module will fail to build for VMware Workstation 11.0.x

VMware community message

Credit for the patch

patch available at 1

Execute the following steps to patch your VMware Workstation 11.0.x

Download the patch to /tmp:
# curl -L "https://docs.google.com/a/seader.us/uc?authuser=0&id=0BxMaO3Y-qL_1Z2NMSkxRdndzNlk&export=download" -o /tmp/vmnet-3.19.patch
Extract the vmnet module from sources:
# cs /usr/lib/vmware/modules/source
# tar -xf vmnet.tar
Apply the patch to the source:
# patch -p0 -i /tmp/vmnet-3.19.patch
Recreate the source archive:
# tar -cf vmnet.tar vmnet-only 
Remove leftover folder:
# rm -r *-only
Rebuild VMware modules:
# vmware-modconfig --console --install-all


openSUSE Conference 2015

Link to oSC15 webpage


As you may already know, the Travel Support Program (TSP) provides travel sponsorships to openSUSE community who want to attend the openSUSE conference and need financial assistance. The openSUSE conference 2015 will held in the city of The Hague – Netherlands, from May 1st to May 5th.



The goal of the TSP is to help everybody in and around openSUSE to be able to go to the openSUSE Conference!


When and how

The application period will be opened from February 24th to March 5th. The approval results will be done by TSP App on March 9th and the sponsoship acception must to be done until March 12th. In case the requester doesn’t Approve the sponsorship the amount will be given for the next on the waiting list.

Remember: All requests will be managed through the TSP application at http://connect.opensuse.org/travel-support.

You will need an openSUSE Connect account in order to log in the application and apply for sponsorship. Please be sure to fullfil all of your personal details at openSUSE connect account to avoid delays or negative request. A good application with good information will be processed faster.

A few reminderstips

  • Please read the TSP page carefully before you apply.
  • Any information you send to the Travel Committee will be private.
  • We want everybody there! Even if you think you would not qualify for the travel support, just submit and make it worth! If you don’t try you won’t get!
  • If you submitted an abstract to be presented you should mention it in your application.
  • The Travel Committee can reimburse up to 80% of travel and/or lodging costs. That includes hotel, hostel, plane,train, bus, even gas for those willing to drive. Remember, no taxi!
    • Important: Food and all local expenses are on you!
  • We want to sponsor as many people as possible so please check the best deal.
  • The Travel Committee won’t be able to book or pay anything in advance. The reimbursement will be done after the event finishes and based on your expenses receipts.
  • no receipts = no money It is the rule!

If you have any question regarding your trip to the conference do not hesitate to ask the TSP or oSC15 organizers.

We hope to see you there!

23 February, 2015

Michael Meeks: 2015-02-23 Monday

21:00 UTCmember

  • Mail chew, 1:1 calls with people, lunch. Team call, sync with Lubos, mail, hacked a little bit on gtktiledviewer wrt. zoomed in selection overlay rendering. 2nd team call.

22 February, 2015

Michael Meeks: 2015-02-22 Sunday

21:00 UTCmember

  • Lie-in, out to NCC - Claire preached well; back for lunch with Dean and Moulouia(?) and their fun-sized girls. Quarter practice with the babes, watched a notably terrible 'Cindy' film; tea, read stories bed.

21 February, 2015

Michael Meeks: 2015-02-21 Saturday

21:00 UTCmember

  • Up earlyish; counted the area for tiles, into Bury to order just the right kind; to Noughton Park to play with the babes. Back for lunch.
  • Spent much of the afternoon moving more cupboards from wall A (the wrong wall) to wall B (the right wall). Considered the plans to create fitted family lockers for the assorted junk that four babes produce - to match JP's version we admired in Toronto.


openSUSE miniSummit T-shirtBy Bruno Friedmann

Hi Geekos, here is a small summary of our Thursday February 19th openSUSE miniSummit event here at SCALE 13x.

Located in Century AB room, a 80 seats room, the average attendance rate was varying between 50% and 85%.

Qualifying the attendance 50% or more were not related to SUSE / openSUSE, which had a good wealth of questions and feedback.

The day started by a talk about openSUSE / SUSE Xen and openstack by Peter Linnel and Russel Pavlicek.

One hour later Manu Gupta has presented all the bolts and nuts about Google Summer of Code at openSUSE.

We then go for lunch, and corridor exchanges.

I opened the afternoon with my talk “them + me = we” about breaking mythic frontier.

Then, just after a small break, Mark Fasheh, a member of filesystem SUSE Labs group, had a talk about the project Duperemove: dedupe on btrfs (have a look of the source on github, and the package available on obs).

The day continued with a Town Hall talk by myself and Peter running an open discussion with attendees. With interesting remarks and feedback from openSUSE users, and also complete foreigners. For example, the way systemd was introduced in openSUSE distribution was appreciated (having choice during 2 versions). It was an unstressfull, open and positive exchange.

To follow, Bryan Lunduke and Peter animated a talk about “the 10 things you would love about SUSE and openSUSE if you only you knew…”

I did really enjoy the way they numbered the slides …
Freschy, punchy, funky, the kinda talk I would like to see again at OSC15.

To finalize the day, Markus Feilner​ for Linux Magazine (Germany) talked about openQA.

I found the day interesting and a perfect mix between openSUSE and SUSE during this day, confirming the excellent partnership we have.

Thanks you to the sponsors of this day and to all those who helped make it happen.

Links :
SCALE picture album day 1 : by Françoise on G+

openSUSE miniSummit day album :
Bruno’s Album on G+

Follow the news on G+ channel

Stay tuned for more news during this week-end.

20 February, 2015

Michael Meeks: 2015-02-20 Friday

21:00 UTCmember

  • Mail chew, patch review, fixed an Android crasher, and tried to avoid a SIGILL running Android/Atom code on my AMD x86_64 machine in the android emulator: nasty, failed to overcome that with my Core II Duo. Perhaps new NDK's really generate lots of hyper-new instructions, odd.
  • Took apart my Motorola Xoom which has failed to charge reliably recently. Very impressed with the non-soldered-in, surface-mount - get really well secured (by moulding in the chassis) power connector; removed and tweaked this with a needle to mend it (for now).


A common frustration with Java is the inability to overload methods when the method signatures differ only by type parameters.

Here’s an example, we’d like to overload a method to take either a List of Strings or a List of Integers. This will not compile, because both methods have the same erasure.

class ErasureExample {
    public void doSomething(List<String> strings) {
        System.out.println("Doing something with a List of Strings " );
    public void doSomething(List<Integer> ints) { 
        System.out.println("Doing something with a List of Integers " );

If you delete everything in the angle brackets the two methods will be identical, which is prohibited by the spec

public void doSomething(List<> strings) 
public void doSomething(List<> strings)

As with most Java things – if it’s not working, you’re probably not using enough lambdas. We can make it work with just one extra line of code per method.

class ErasureExample {
    public interface ListStringRef extends Supplier<List<String>> {}
    public void doSomething(ListStringRef strings) {
        System.out.println("Doing something with a List of Strings " );
    public interface ListIntegerRef extends Supplier<List<Integer>> {}
    public void doSomething(ListIntegerRef ints) {
        System.out.println("Doing something with a List of Integers " );

Now we call call the above as simply as the following, which will print “Doing something with a List of Strings” followed by “Doing something with a List of Integers”

public class Example {
    public static void main(String... args) {
        ErasureExample ee = new ErasureExample();
        ee.doSomething(() -> asList("aa","b"));
        ee.doSomething(() -> asList(1,2));

Using the wrapped lists inside the method is straightforward. Here we print out the length of each string and print out each integer, doubled. It will cause the above main method to print “2124”.

class ErasureExample {
    public interface ListStringRef extends Supplier<List<String>> {}
    public void doSomething(ListStringRef strings) {
        strings.get().forEach(str -> System.out.print(str.length()));
    public interface ListIntegerRef extends Supplier<List<Integer>> {}
    public void doSomething(ListIntegerRef ints) {
        ints.get().forEach(i -> System.out.print(i * 2));

This works because the methods now have different erasure, in fact the method signatures have no generics in at all. The only additional requirement is prefixing each argument with “() ->” at the callsite, creating a lambda that is equivalent to a Supplier of whatever type your argument is.


Hi Geekos, here a small summary of our Thursday February 19th openSUSE miniSummit event here at SCale 13x.

Located in Century AB room, a 80 seats room. The average attendance rate was varying between 50% and 85%.
Qualifying the attendance 50% or more were not related to SUSE / openSUSE, which was a good experience of question and feedback.

openSUSE miniSummit T-shirt

The day started by a talk about openSUSE / SUSE Xen and openstack by Peter Linnel and Russel Pavlicek.
One hour later Manu Gupta has presented all the bolts and nuts about GSOC at openSUSE.

We then go for lunch, and corridor exchanges.

I’ve opened the afternoon with my talk “them + me = we” about breaking mythic frontier
Then just after a small break, Mark Fasheh member of filesystem SUSE Labs group has talk about the project Duperemove: dedupe on btrfs (have a look on github the source are there, and package available on obs)

The day continue with a Town Hall talk co-animated by myself and Peter running an open discussion with attendees. With interesting remarks and feedback from openSUSE users, and also complete foreigners. For example, the way systemd was introduced in openSUSE distribution was appreciated (having choice during 2 versions). It was an unstressfull, open and positive exchange.

To follow, Bryan Lunduke and Peter animated a talk about “the 10 things you would love about SUSE and openSUSE if you only you knew…”
I did really enjoy the way they numbered the slides …
Freschy, punchy, funky, the kinda talk I would like to see again at OSC15.

To finalize the day, Markus Feilner​ for Linux Magazine (de) talked about openQA.

I found interesting the perfect mix we’ve done between openSUSE and SUSE during this day, confirming the excellent partnership we have.
Let the sponsors of this day be warmly thanked to make it happened.

Links :
SCale picture album day 1 : by Françoise on G+

openSUSE miniSummit day album :
Bruno’s Album on G+

Follow the news on G+ channel

Stay tuned for more news during this week-end.


1. captcha is not case-sensitive

2. you can get around concurrent downloads limit using incognito window from chromium. If you need more downloads, chromium --temp-profile does the trick, too.

What you might want to know about Debian stable

Somehow, Debian stable rules do not apply to the Chromium web browser: you won't get security updates for it. I'd say that Chromium is the most security critical package on the system, so it is strange decision to me. In any case, you want to uninstall chromium, or perhaps update to Debian testing.

19 February, 2015


In the past I’ve posted several articles on various tweaks to improve Power Management on Intel Sandy/Ivybridge hardware, based on my experiments with my Lenovo X220

With more recent releases of openSUSE, I’ve been experimenting with my old tweaks, and found that they NO LONGER help with power management – In fact, they seem to increase it

So, my advice at the moment – if you want a Linux OS that has good Power Management on a Lenovo X220 or similar laptop.. install openSUSE Tumbleweed, and don’t change the default settings :)


Michael Meeks: 2015-02-19 Thursday

21:00 UTCmember

  • Built ESC bug stats, and created a wiki page for the pending and awesome Cambridge LibreOffice Hackfests - May 21st to 23rd.
  • H's friend Paris over; lunch. ESC call.


Open voting is available for all session submissions until February 23rd at 5pm CST. This is a great way for the community to decide what they want to hear.

 I have submitted a handful of sessions which I hope will be voted for. Below are some short summary's and links to their voting pages.

  • Accelerate OpenStack deployment with OpenStack Admin Appliance ( Speaker: Cameron Seader ) 
In an effort to make OpenStack available to the non-tech user and appear much less of a heavy lifting project, I have created the SUSE OpenStack Cloud Admin Appliance. However, no matter if your an OpenStack Noob, Professional, Expert or Developer...
  • Deploying SUSE OpenStack Cloud with the Xen Project Hypervisor ( Speakers: Cameron Seader, Russell Pavlicek, Stefano Stabellini ) 
Its all about choice these days when it comes to selecting your OpenStack hypervisor. But what makes for a good choice of hypervisor? And why should you consider the Xen Project Hypervisor when there are other possible selections? ...
  • Hands-On With Heat: Service Orchestration in the Cloud submitted by Rick Ashford ( Speakers: Rick Ashford, Cameron Seader )
 OpenStack Heat provides a framework for predefining a structured service, and allows you instantiate that service in an automated manner. This hands-on lab will walk the participants through the process of creating a Heat template file for a multi-tiered...
  • Planning an Enterprise OpenStack Deployment submitted by Rick Ashford ( Speakers: Rick Ashford, Cameron Seader )
Deploying OpenStack can be a difficult, time-consuming, and complex task. Doing it successfully is even harder. Planning and coordination between groups are the key differences between successful and failed implementations. Come discuss the questions you will need to ask yourself to be able to architect...
Thanks for your support.

    Michal Čihař: Weblate 2.2

    17:00 UTC


    Weblate 2.2 has been released today. It comes with improved search, user interface cleanup and various other fixes.

    Full list of changes for 2.2:

    • Performance improvements.
    • Fulltext search on location and comments fields.
    • New SVG/javascript based activity charts.
    • Support for Django 1.8.
    • Support for deleting comments.
    • Added own SVG badge.
    • Added support for Google Analytics.
    • Improved handling of translation file names.
    • Added support for monolingual JSON translations.
    • Record component locking in a history.
    • Support for editing source (template) language for monolingual translations.
    • Added basic support for Gerrit.

    You can find more information about Weblate on http://weblate.org, the code is hosted on Github. If you are curious how it looks, you can try it out on demo server. You can login there with demo account using demo password or register your own user.

    Weblate is also being used https://hosted.weblate.org/ as official translating service for phpMyAdmin, Gammu, Weblate itself and other projects.

    If you are free software project which would like to use Weblate, I'm happy to help you with set up or even host Weblate for you.

    Further development of Weblate would not be possible without people providing donations, thanks to everybody who have helped so far!

    PS: The roadmap for next release is just being prepared, you can influence this by expressing support for individual issues either by comments or by providing bounty for them.

    Filed under: English phpMyAdmin SUSE Weblate | 0 comments | Flattr this!


    Cuttlefish icon previewer

    Cuttlefish icon previewer

    One of the things I’ve been sorely missing when doing UI design and development was a good way to preview icons. The icon picker which is shipped with KDE Frameworks is quite nice, but for development purposes it lacks a couple of handy features that allow previewing and picking icons based on how they’re rendered.

    Over the christmas downtime, I found some spare cycles to sit down and hammer out a basic tool which allows me to streamline that workflow. In the course of writing this little tool, I realised that it’s not only useful for a developer (like me), but also for artists and designers who often work on or with icons. I decided to target these two groups (UI developers and designers) and try to streamline this tool as good as possible for their usecases.

    Cuttlefish is the result of that work. It’s a small tool to list, pick and preview icons. It tries to follow the way we render icons in Plasma UIs as close as possible, in order to make the previews as realistic as possible. I have just shown this little tool to a bunch of fellow Plasma hackers here at the sprint, and it was very well received. I’ve collected a few suggestions what to improve, and of course, cuttlefish being brand-new, it still has a few rough edges.

    You can get the source code using the following command:

    git clone kde:scratch/sebas/cuttlefish
    git clone kde:plasmate

    and build it with the cmake.

    Enjoy cuttlefish!

    [Edit] We moved cuttlefish to the Plasmate repository, it’s now part of Plasma’s SDK.


    We're happy to announce that ec2 image type has been enabled for SUSE Linux Enterprise 12 appliances. From now on you can build and upload SLE12 appliances that are base on JeOS or Server template in the Amazon Web Service.

    Be advised that SLE12 support on SUSE Studio is a technology preview.

    Just a few days after the SUSE Linux Enterprise 12 release, you can create SLE12 appliances with SUSE Studio as you have been creating them for the SLE11 series or the openSUSE versions.

    New products based on SUSE Linux Enterprise 12 feature enhancements that more readily enable system uptime, improve operational efficiency and accelerate innovation:
    • New core technologies like systemd (replacing the time honored System V based init process) and wicked (introducing a modern, dynamic network configuration infrastructure).
    • The open source database system MariaDB is fully supported now.
    • Support for the open-vm-tools together with VMware for better integration into VMware based hypervisor environments.
    • Linux Containers are integrated into the virtualization management infrastructure (lib-virt).
    • Docker is provided as a technology preview.
    • GNOME 3.10 (or just GNOME 3), giving users a modern desktop environment.
    • Integration with the new SUSE Customer Center, SUSE's central web portal to manage Subscriptions, Entitlements, and provide access to Support.
    • SUSE Linux Enterprise Server 12 includes infrastructure for a live kernel patching technology delivered through SUSE Linux Enterprise Live Patching.
    • SUSE Linux Enterprise Server Modules offer a choice of supplemental packages, ranging from tools for Web Development and Scripting, through a Cloud Management module, technically delivered as extra repositories.
     Just choose one the SLE12 ready templates and start creating your SLE12 based product.

    Do you already have a SLE11SP3 appliance? Click on the Upgrade button and convert that to a SLE12 based appliance.


    18 February, 2015

    Michael Meeks: 2015-02-18 Wednesday

    21:00 UTCmember

    • Plugged at mail, got through a number of the more vexing task backlog. Contract review, chat with Chris & Vladimir; partner call. Enjoyed the antics of 'Ludo Backslash' in Assylum, sleep.

    • Integer overflow in librsvg

      Another bug that showed up through fuzz-testing in librsvg was due to an overflow during integer multiplication.

      SVG supports using a convolution matrix for its pixel-based filters. Within the feConvolveMatrix element, one can use the order attribute to specify the size of the convolution matrix. This is usually a small value, like 3 or 5. But what did fuzz-testing generate?

      <feConvolveMatrix order="65536">

      That would be an evil, slow convolution matrix in itself, but in librsvg it caused trouble not because of its size, but because C sucks.

      The code had something like this:

      struct _RsvgFilterPrimitiveConvolveMatrix {
          double *KernelMatrix;
          gint orderx, ordery;

      The values for the convolution matrix are stored in KernelMatrix, which is just a flattened rectangular array of orderx × ordery elements.

      The code tries to be careful in ensuring that the array with the convolution matrix is of the correct size. In the code below, filter->orderx and filter->ordery have both been set to the dimensions of the array, in this case, both 65536:

      guint listlen = 0;
      if ((value = rsvg_property_bag_lookup (atts, "kernelMatrix")))
          filter->KernelMatrix = rsvg_css_parse_number_list (value, &listlen);
      if ((gint) listlen != filter->orderx * filter->ordery)
          filter->orderx = filter->ordery = 0;

      Here, the code first parses the kernelMatrix number list and stores its length in listlen. Later, it compares listlen to orderx * ordery to see if KernelMatrix array has the correct length. Both filter->orderx and ordery are of type int. Later, the code iterates through the values in the filter>KernelMatrix when doing the convolution, and doesn't touch anything if orderx or ordery are zero. Effectively, when those values are zero it means that the array is not to be touched at all — maybe because the SVG is invalid, as in this case.

      But in the bug, the orderx and ordery are not being sanitized to be zero; they remain at 65536, and the KernelMatrix gets accessed incorrectly as a result. Let's see what happens when you mutiply 65536 by itself with ints.

      (gdb) p (int) 65536 * (int) 65536
      $1 = 0

      Well, of course — the result doesn't fit in 32-bit ints. Let's use 64-bit ints instead:

      (gdb) p (long long) 65536 * 65536
      $2 = 4294967296

      Which is what one expects.

      What is happening with C? We'll go back to the faulty code and get a disassembly (I recompiled this without optimizations so the code is easy):

      $ objdump --disassemble --source .libs/librsvg_2_la-rsvg-filter.o
          if ((gint) listlen != filter->orderx * filter->ordery)
          4018:       8b 45 cc                mov    -0x34(%rbp),%eax    
          401b:       89 c2                   mov    %eax,%edx           %edx = listlen
          401d:       48 8b 45 d8             mov    -0x28(%rbp),%rax
          4021:       8b 88 a8 00 00 00       mov    0xa8(%rax),%ecx     %ecx = filter->orderx
          4027:       48 8b 45 d8             mov    -0x28(%rbp),%rax
          402b:       8b 80 ac 00 00 00       mov    0xac(%rax),%eax     %eax = filter->ordery
          4031:       0f af c1                imul   %ecx,%eax
          4034:       39 c2                   cmp    %eax,%edx
          4036:       74 22                   je     405a <rsvg_filter_primitive_convolve_matrix_set_atts+0x4c6>
              filter->orderx = filter->ordery = 0;
          4038:       48 8b 45 d8 


    Plasma Desktop's Toolbox

    Plasma Desktop’s Toolbox

    One of the important design cornerstones of Plasma is that we want to reduce the amount of “hidden features” as much as possible. We do not want to have to rely on the user knowing where to right-click in case she wants to find a certain, desktop-related option, say adding widgets, opening the desktop settings dialog, the activity switcher, etc.. For this, Plasma 4.0 introduced the toolbox, a small icon that when clicked opens a small dialog with actions related to the desktop. To many users, this is an important lifeline when they’re looking for a specific option.

    In Plasma 4.x, there was a Plasmoid, provided by a third party, that used a pretty gross hack to remove the toolbox (which was depicted as the old Plasma logo, resembling a cashew a bit). We did not support this officially, but if people are deliberately risking to break their desktop, who are we to complain. They get to keep both pieces.

    During the migration to QML (which begun during Plasma 4.x times), one of the parts I had been porting to QtQuick was this toolbox. Like so many other components in Plasma, this is actually a small plugin. That means it’s easy to replace the toolbox with something else. This feature has not really been documented as its more or less an internal thing, and we didn’t want to rob users of this important lifeline.

    Some users want to reduce clutter on their desktop as much as possible, however. Since the options offered in the toolbox are also accessible elsewhere (if you know to find them). Replacing the toolbox is actually pretty easy. You can put a unicorn dancing on a rainbow around your desktop there, but you can also replace it with just an empty object, which means that you’re effectively hiding the toolbox.

    For users who would rather like their toolbox to be gone, I’ve prepared a small package that overrides the installed toolbox with an empty one. Hiding the toolbox is as easy as installing this minimal package, which means the toolbox doesn’t get shown, or even get loaded.

    I would not recommend doing this, especially not as default, but at the same time, I don’t want to limit what people do with their Plasma do what we as developers exactly envision, so there you go.

    Download this file, then install it as follows:

    plasmapkg2 -t package -i emptytoolbox.plasmoid

    Now restart the Plasma Shell (either by stopping the plasmashell process, or by logging out and in again), and your toolbox should be gone.

    If you want it back, run

    plasmapkg2 -t package -r org.kde.desktoptoolbox

    Then restart Plasma and it’s back again.

    Even more than just removing the toolbox, I’d like to invite and encourage everybody to come up with nice, crazy and beautiful ideas how to display and interact with the toolbox. The toolbox being a QtQuick Plasmoid package


    ..then the first step is to stop more regressions. That's the situation with Nokia N900 kernel now: it has a lot of hardware, and there's kernel support for most of that, but userland support really is not mature enough. So I added test script to tui/ofone, which allows testing of battery, audio, LEDs, backlight, GPS, bluetooth and more. It is called "tefone". "ofone" script (with gtk gui) can be used to control modem, place calls and read SMSes. You'll need a library to actually get voice calls with audio.

    On a related note, my PC now resumes faster than my monitor turns on. I guess we are doing good job. (Or maybe Fujitsu did not do such a good job). Too bad resume broke completely in 3.20-rc0 on thinkpad.

    Older blog entries ->